The OpenClaw Security Saga: How AI Adoption Outpaced Security Boundaries

The report details how the OpenClaw AI-agent ecosystem has blurred boundaries between personal projects and enterprise infrastructure, enabling large-scale aggregation of OAuth tokens, API keys, and high-privilege SaaS permissions; it documents ~24,478 internet-exposed instances, marketplace analysis showing numerous over-permissioned skills, a coordinated malicious campaign (ClawHavoc) distributing trojans/infostealers, CVEs and public PoCs, widespread misconfigurations (including leaked API keys on Moltbook), and the high risk of indirect prompt-injection leading to automated data exfiltration across email, cloud, and collaboration platforms.